From bce370939e2a7cc02c0d66e6b1869815624cdf81 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Thu, 15 Nov 2012 14:32:18 +0100
Subject: [PATCH] Escape new-lines in Cookie and P3P headers
This is the relevant difference between CGI 3.62 and 3.63.
See <https://bugzilla.redhat.com/show_bug.cgi?id=876974>.
Back-ported for 3.51
---
lib/CGI.pm | 24 ++++++++++++------------
t/headers.t | 6 ++++++
2 files changed, 18 insertions(+), 12 deletions(-)
diff --git a/lib/CGI.pm b/lib/CGI.pm
index d320d7f..7436a51 100644
--- a/lib/CGI.pm
+++ b/lib/CGI.pm
@@ -1550,8 +1550,17 @@ sub header {
'EXPIRES','NPH','CHARSET',
'ATTACHMENT','P3P'],@p);
+ # Since $cookie and $p3p may be array references,
+ # we must stringify them before CR escaping is done.
+ my @cookie;
+ for (ref($cookie) eq 'ARRAY' ? @{$cookie} : $cookie) {
+ my $cs = UNIVERSAL::isa($_,'CGI::Cookie') ? $_->as_string : $_;
+ push(@cookie,$cs) if defined $cs and $cs ne '';
+ }
+ $p3p = join ' ',@$p3p if ref($p3p) eq 'ARRAY';
+
# CR escaping for values, per RFC 822
- for my $header ($type,$status,$cookie,$target,$expires,$nph,$charset,$attachment,$p3p,@other) {
+ for my $header ($type,$status,@cookie,$target,$expires,$nph,$charset,$attachment,$p3p,@other) {
if (defined $header) {
# From RFC 822:
# Unfolding is accomplished by regarding CRLF immediately
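Review bot: The cookie stringification loop at `for (ref($cookie) eq 'ARRAY' ? @{$cookie} : $cookie)` drops the old `if ($cookie)` guard, so a scalar `-cookie => '0'` that was previously skipped as false now passes `defined $cs and $cs ne ''` and emits a `Set-Cookie: 0` header; that is probably harmless but should be a deliberate choice. The loop also carries `$_` across a method call, and a named variable reads better: `for my $c (ref($cookie) eq 'ARRAY' ? @{$cookie} : $cookie) {` / `my $cs = UNIVERSAL::isa($c,'CGI::Cookie') ? $c->as_string : $c;`. The ordering is load-bearing — the later `Set-Cookie:` push presumably only sees checked values because the escaping loop aliases the `@cookie` elements through `$header` — so the comment at `# Since $cookie and $p3p may be array references` should say that the stringified copies, not the originals, are what the check and the push operate on. The `header` sub continues outside this hunk.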
@@ -1595,18 +1604,9 @@ sub header {
push(@header,"Status: $status") if $status;
push(@header,"Window-Target: $target") if $target;
- if ($p3p) {
- $p3p = join ' ',@$p3p if ref($p3p) eq 'ARRAY';
- push(@header,qq(P3P: policyref="/w3c/p3p.xml", CP="$p3p"));
- }
+ push(@header,"P3P: policyref=\"/w3c/p3p.xml\", CP=\"$p3p\"") if $p3p;
# push all the cookies -- there may be several
- if ($cookie) {
- my(@cookie) = ref($cookie) && ref($cookie) eq 'ARRAY' ? @{$cookie} : $cookie;
- for (@cookie) {
- my $cs = UNIVERSAL::isa($_,'CGI::Cookie') ? $_->as_string : $_;
- push(@header,"Set-Cookie: $cs") if $cs ne '';
- }
- }
+ push(@header,map {"Set-Cookie: $_"} @cookie);
# if the user indicates an expiration time, then we need
# both an Expires and a Date header (so that the browser is
# uses OUR clock)
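Review bot: The new `push(@header,"P3P: policyref=\"/w3c/p3p.xml\", CP=\"$p3p\"") if $p3p;` interpolates the joined value inside a double-quoted attribute, and the CR/LF check earlier in the sub says nothing about an embedded `"`, so a P3P value containing a quote still terminates the `CP` attribute early. That is unchanged from the removed `qq(...)` line, but since this commit moves the join ahead of the escaping it is the right moment to either reject `"` in the joined value or record the contract, e.g. `# P3P value is caller-supplied; only CR/LF is checked here, a literal " would end the CP attribute`. On style, the removed `qq(P3P: policyref="/w3c/p3p.xml", CP="$p3p")` form is easier to read than the backslash-escaped quotes and could be kept on the new line.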
diff --git a/t/headers.t b/t/headers.t
index 661b74b..4b4922c 100644
--- a/t/headers.t
+++ b/t/headers.t
@@ -22,6 +22,12 @@ like($@,qr/contains a newline/,'invalid header blows up');
like $cgi->header( -type => "text/html".$CGI::CRLF." evil: stuff " ),
qr#Content-Type: text/html evil: stuff#, 'known header, with leading and trailing whitespace on the continuation line';
+eval { $cgi->header( -p3p => ["foo".$CGI::CRLF."bar"] ) };
+like($@,qr/contains a newline/,'P3P header with CRLF embedded blows up');
+
+eval { $cgi->header( -cookie => ["foo".$CGI::CRLF."bar"] ) };
+like($@,qr/contains a newline/,'Set-Cookie header with CRLF embedded blows up');
+
eval { $cgi->header( -foobar => "text/html".$CGI::CRLF."evil: stuff" ) };
like($@,qr/contains a newline/,'unknown header with CRLF embedded blows up');
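Review bot: Both new tests pass the CRLF value as a plain string inside an array ref, so the scalar `-cookie => ...` path and the `CGI::Cookie` object path that the CGI.pm change stringifies through `as_string` are not exercised, even though those are the two branches the stringification loop was added for. The scalar case is cheap to cover: `eval { $cgi->header( -cookie => "foo".$CGI::CRLF."bar" ) };` / `like($@,qr/contains a newline/,'scalar Set-Cookie header with CRLF embedded blows up');`. An object case would need a constructed cookie whose value carries the CRLF, assuming CGI::Cookie itself does not strip it; if it does, a comment saying so would explain why only strings are tested.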
--
1.7.11.7